User Tools

Site Tools

More News

Date

Title

Content

09 Dec 2018

Aircrack-ng 1.5.2

Fourth and last release of the year. It is smaller than the previous one but we did want to release the fixes and improvements before the holidays so it will be available for Shmoocon next month in your favorite distro. Small issues were found in 1.5 and then in 1.5.1, which is why we ended up with 1.5.2.

It brings fixes, a new feature and lots of improvements. More details in our blog post.

07 Nov 2018

Blog post: Continuous Integration/Contious Delivery

We have been using a lot of different tools and fined tuned them to provide us better and better information which has contributed to increase code quality over time. This blog post gives an overview of our current CI/CD infrastructure and some future improvements we are working on.

15 Oct 2018

Blog post: Using Qemu to run a Big Endian Debian system

PCAP, IVS and hashcat capture files contain headers that store timestamps and other fields as integer values. In most cases, we're dealing with the same endianness (little), so this isn't too big of a deal but when a program needs to run on both big and little endian, values needs to be swapped to read the values as they were stored.

We have quite a few buildbots to handle a lot of test cases and while we're taking care of swapping for endianness in most cases, one bug slipped through the net. This is a good opportunity to create a MIPS big endian system using QEMU and Debian as a guest so we can possibly use it later on as another buildbot.

8 Oct 2018

Blog post: Aircrack-ng packages

As mentioned in our 1.4 release blog post, we are now providing package repositories for a number of Linux distributions: Debian, Ubuntu, OpenSuse, Fedora, RHEL, CentOS and a few others.

Getting this done for so many distributions (and multiple version of each) wasn't an easy feat but we're now automatically building packages for releases and, for the adventurous ones, each commit in our GitHub repository is packaged too, in a separate repository. Head to our blog post for more details and how to use it.

We're on a roll, this is the third release of the year. We are still focusing a lot on code quality, while fixing bugs, improving all around and adding features:
- PMKID cracking
- Cracking capture files with 802.11w
- Speed and memory usage improvement when loading (large) files with Aircrack-ng and Airdecap-ng
- Packages for Linux distributions and Windows
- CI/CD tweaks and improvements
- New tests
More details can be found in our blog post.

16 Sep 2018

Blog post: Debian and FreeBSD on QEMU with MMX-only CPU

A recent bug (and PR) was opened, aircrack-ng couldn't be built with MMX using a i586 toolchain. Finding computers without SSE2 nowadays is not easy and it is even harder to find a distribution that supports them.
In this blog post, we use qemu to emulate a Pentium 2 and a Pentium MMX and use distributions that still work on them to test the bug.

10 Jul 2018

Aircrack-ng 1.3

We're bringing more good stuff in this release. We've been busy fixing bugs left and right, some of them thanks to Coverity Scan, valgrind and other static code analyzers.
We've also refactored some of the code and improved the code quality along the way. We can now successfully build across lot of platforms (Windows, Linux, BSD, OSX) and CPU architectures (x86 and 64 bit, ARM v7, ARM v8, PowerPC, etc).

The most notable changes are in Aircrack-ng. It gets a speed bump in most CPU architectures we support, the ability to pause/restore cracking session and using HCCAPx files.

Other tools also see improvements. All the details about them as well as pretty performance graphs, can be found in our blog post.

15 Apr 2018

Aircrack-ng 1.2

It's been way too long since the last stable release.

Compared to the last stable, 1.1, this release has a huge amount of improvements and fixes. The changelog since 1.1 is almost 300 lines long (1200+ commits). Code quality has improved, in parts thanks to Coverity Scan. We now switched to GitHub completely and have a few buildbots (including one for Windows) to test building and run the test suite on a different platforms.

On top of tons of fixes and improvements everywhere (and on multiple platforms), this release switched to autotools which allows compiling on more platforms. A trampoline binary has been added for Aircrack-ng to automatically select the fastest version for your CPU features. It will also help package maintainers greatly.

We finally made it completely, we migrated from trac and subversion to GitHub. It was far from a simple program to run and switch to GitHub, it was a lot more complex task. You can find more details on this blog post.

16 Oct 2017

Blog post: KRACK WPA Vulnerability - Key Reinstallation AttaCK

In this blog post, the new KRACK vulnerability is explained: a brief summary, who's affected, what to do and links to resources related to the vulnerability.

TL;DR: Another day, another vulnerability, just patch your systems. It allows decryption of traffic but does not disclose the WPA key.

In this blog post, we answer some common questions regarding various topics: using drivers, driver development, embedded chipsets, 802.11n/ac capture/injection, a few different current chipsets/drivers (rtl8812au, ath9k_htc, QCA6174), linux-backports (aka compat-wireless) and some other good news.

9 Aug 2017

Blog post: lesser known features of Aircrack-ng: interactive mode and keys

In this blog post, we discuss another lesser known features of Aircrack-ng: interactive mode and keys in airodump-ng.

27 Mar 2017

Blog post: lesser known features of Aircrack-ng

In this blog post, we discuss some lesser known features of Aircrack-ng such as reading compressed wordlists, rainbow tables and distributed cracking.

20 Feb 2017

Blog post: iw monitor flags

When setting an interface in monitor mode manually, iw has a few different flags: none, fcsfail, control, otherbss, cook, active.
The meaning of those different flags are explained in the blog post.

If you want to attack WPA Enterprise, applying WPE patches to HostAPd or Freeradius would do the job. However, they haven't been updated in a long time and still used old software versions (HostAPd 2.2 and Freeradius 2.1 which is EOL).

It is no longer the case as they are now available for the latest and greatest version of HostAPd and Freeradius. We took the job upon ourselves to update them and keep updating them whenever a new versions get released. The icing on the cake is that both of them are available as packages in Kali and a tutorial for HostAPd-WPE has been created.

All the details as well as a link to the patches can be found in this blog post.

15 Feb 16

Aircrack-ng compilation matrices

I tried to compile Aircrack-ng on a 'few' systems and different CPUs to see how it works and I was quite surprised by the amount of systems it can be compiled on (and most of the time, it can be compiled with both gcc and clang).

Fourth release candidate. There will be another one, some small bugs still need to be fixed but it should happen fairly soon. On top of a big speed increase (up to 175% increase) that also fixes compilation on Cygwin 64 bit, it includes a ton of fixes and improvements on Linux, *BSD, Solaris and Cygwin on x86 and Linux on ARM and MIPS.

30 Dec 15

Cracking speed improvements

I recently put a bug bounty for anybody who can fix compilation on cygwin 64 bit. darkfires took up the challenge and fixed it. But he did a lot more than that and started fixing some other bugs and decided to bring Aircrack-ng up to date with current CPU and take advantages of AVX and AVX2 instructions to improve cracking speeds (up to 175% increase on Intel Skylake CPUs).

This was quite a challenge, but it got finally integrated into our subversion repository in r2800. You can read more about it in the blog. Please test it and send us feedback via the forum.

21 Nov 15

Aircrack-ng 1.2 RC 3

Third release candidate and hopefully this should be the last one. It contains a ton of bug fixes, code cleanup, improvements and compilation fixes everywhere. Some features were added: AppArmor profiles, better FreeBSD support, including an airmon-ng for FreeBSD.

10 Apr 2015

Aircrack-ng 1.2 RC 2

Here is the second release candidate. Along with a LOT of fixes, it improves the support for the Airodump-ng scan visualizer. Airmon-zc is mature and is now renamed to Airmon-ng. Also, Airtun-ng is now able to encrypt and decrypt WPA on top of WEP. Another big change is recent version of GPSd now work very well with Airodump-ng.

04 Apr 2015

Training at BlackHat USA

I will be teaching once again Advanced Wi-Fi Pentesting with Vivek Ramachandran at BlackHat Las Vegas this year. It's gonna be even better than last year!

31 Oct 2014

Aircrack-ng 1.2 RC 1

Here is the first release candidate. Exactly 7 month since the last beta. There will be most likely another one then the final release in the next few month.

Updating is highly recommend as this contains a lot of bug fixes and improvements as well as security fixes (CVE-2014-8321, CVE-2014-8322, CVE-2014-8323 and CVE-2014-8324). More details can be found in the blog.

I guess you all heard about that nasty vulnerability in OpenSSL. If not, you can read more about it on Wikipedia.

Aircrack-ng, the software itself, is not affected at all since it doesn't rely on heartbeat, so recompiling is not necessary.

Some parts of the website may have been affected (only if you had an account on it):
- Wiki
- Trac
- SVN
If you are concerned, you can contact me about it. I will gladly help you change your password if you had an account on any of those 3 subdomains that might have been affected.

Now, the good news:
- OpenSSL libraries and SSL certificates have been updated (and my hosting provider for the wiki seems unaffacted).
- I haven't noticed any suspicious activity so far but I will continue to monitor.
- We are now using certificates from CAcert for almost all parts of Aircrack-ng.org (the wiki is on a shared hosting). In order to avoid your browser giving you a warning, please install the CAcert root certificate on your system.
- The forum didn't have HTTPS, so, it wasn't affected at all. Thanks to the new certificate, it is now accessible over HTTPS.

31 Mar 2014

Aircrack-ng 1.2-beta3 release

And a third beta. I can guarantee there will be at least a fourth one before the final 1.2 release.
Release Notes:
- Finally fixed the buffer overflow for good.
- Fixed issue with invalid channels when scanning (108, 125, etc) that was due to radiotap parsing.
- Updated radiotap parser to the latest git.
- Other small fixes.

30 Nov 2013

Aircrack-ng 1.2-beta2 release

Here is a second beta. Enjoy it
Release Notes:
- Compilation fixes on all supported OSes.
- Airbase-ng IE order fixed
- Improved WEP cracking speed using PTW
- Fixed WPA capture decryption when WMM is used
- Fixed memory leaks in several parts of the suite
- Fixed compilation with recent version of gcc, on cygwin and on Gentoo hardened
- Now using Coverity Scan for static code analysis
- Lots of other small fixes.

18 Sep 2013

Recent decision by judge on WiFi sniffing

If you've been following me on twitter, you probably read a lot about the recent decision from the judge Jay S. Bybee of the United States Court of Appeals for the 9th Circuit saying Google violated the Wiretap law by collecting data from unencrypted WiFi networks while using their Street view cars. If you want more details, you can read a news article on TechDirt and here is a blog post about it.

15 Aug 2013

DerbyCon training

I'll be giving a training at DerbyCon, WiFi Hacking. Sign up before there is no seat left.

12 Aug 2013

BSides Las Vegas talk

The video of talk I did with Tod Beardsley, The Slings and Arrows of Open Source Security, at BSides Las Vegas is online thanks to Iron Geek.

31 May 2013

New forum

The new forum is now available.
You'll have to register again since it is a brand new installation. If you had more than 100 posts in the old forum, use the same email address to register.

I wanted to reinstall the old one before I gave access to this one but my provider, OVH, doesn't let me access my backed up data on the forum server that crashed a few weeks ago. And it looks like I won't be able to reinstall before the end of June (or whatever time they roll out their new cloud).
Support told me they prevent starting VM instance which is probably the reason why the instance crashed in the first place; reboot wasn't allowed in the interface, so it decided to stop (and thus lose my data).

25 May 2013

1.2 Beta 1 Release

After a few years, we finally got a release: 1.2 Beta 1. Enjoy
Release Notes:
- Compilation fixes on all supported OSes.
- Makefile improvement and fixes.
- A lot of fixes and improvements on all tools and documentation.
- Fixed licensing issues.
- Added a few new tools and scripts (including distributed cracking tool).
- Fixed endianness and QoS issues.

Two more things:
- The forum will be ready in a few days.
- We are now using Travis CI for continuous integration.

20 May 2013

Forum/Trac/SVN/GitHub/release

Trac was migrated to a new server. URL didn't change and it is now also available via HTTPS.
Subversion has been moved to another server/URL: https://svn.aircrack-ng.org. You can also use HTTPS but it's a self-signed certificate for now.
Just relocate your local copy and you're good to go.

The forum's cloud instance crashed a few weeks ago and the last backup I have is 10 month old. I am deeply sorry for the data loss. I wish I learned a different way to be more careful with backups but what is done is done :/
That backup will be available in read-only mode and I'll also install a brand new SMF.
There will be some announcements once the new forum is installed.

There will be a release (alpha or beta) this upcoming week-end. A lot of improvements and fixes have been done since the last release a few years ago and this is probably the longest changelog we've ever had.

Serious security flaw found in new traffic lights. A new kind of traffic light being used is controlled by an Access Point with simple passphrase to access it. More details in the blog.

08 Oct 2012

Blog post: Will my card work with Aircrack-ng?

Due to the amount of questions about new card and Aircrack-ng compatibility, I made a blog post about it.

10 Jul 2012

Offensive Security live training (PwB) in Colorado Springs, CO

NEK is hosting Pentesting with Backtrack live training taught by Offensive Security, here in Colorado Springs (Colorado, USA) in September (3-7). More details can be found on the flyer and if you have any question, you can also contact me.

6 Jul 2012

Trac/Subversion/Forum up

I've been working the past week to make sure those services are safe to use and they're now up and running.
While it was down, I took the opportunity to migrate the forum to a new server that I hope more secure and with less issues for you.
You can find more details in the blog.

6 Jun 2012

More about the forum virus

I posted an update about the forum virus in the in the blog.

The Apache log didn't help much since it contained truncated request but the index.php file was modified and you can see the details of the modifications.

I also want to thank everybody who helped me so far :)

29 May 2012

Forum virus details

I have been investigating that forum virus and you can find more details in the blog. I'll keep that blog up to date as I know more about it.

To just summarize, it was uploaded through the forum on May 22 at 23h12 (11.12pm) GMT/UTC and I stopped the server on May 24, around 14h00 (2pm) when I got the notice about it. I'm really sorry if that piece of shitcode caused any issue. Let me know if that happened.

24 May 2012

Forum virus

When checking my email this morning, I was told there was a virus on the forum, JS/Iframe.DK to be precise.

For security reasons, I immediately shutted down the whole server when I got the email. It is not going to be back up before I know it is completely safe to use (and know what/how/when it happened). As far as I know, it probably happened between 6am and 2pm GMT today and I'm almost positive it is just one malicious forum post.

Trac/Subversion is also down so if you need the latest revision from subversion, you can always download it from our nightly build server.

I will keep you posted. I am really sorry for the inconvenience.

8 Apr 2012

Aircrack-ng in movies

I'm happy to see that Aircrack-ng is used in movies; a friend of mine send me that screenshot this morning. Too bad they removed the beginning of the name but we can still recognize it easily and have a rough idea when it was shot. If you ever see it in any other movie, please let me know.

By the way, the news on April 1st was an April fools'.

1 Apr 2012

WPA Flaw let us crack the PMK in a few minutes

Today we are very proud to announce the we found a flaw that let us crack WPA in just a few minutes no matter what the passphrase length is. You can find more details in the blog.

5 Feb 2012

Commercial support survey

We are going to also offer commercial support (besides other existing support options) and I'd like to ask you to take 5 minutes of your time to give your opinion in this survey if you're interested in.
Do not hesitate to contact me if you have any question about it.

25 Jan 2012

OpenWIPS-ng logo contest

I launched a few months ago another project, OpenWIPS-ng, an Open Source Wireless IPS. We need a logo and that's why there's a contest. The prize for the winner is $250. More details on the website.

25 Jan 2012

Updates

I've seen a couple of post in the forum asking if the project was still alive since there was no update on the website. Yes it is still alive as you can see on trac and Twitter, I just haven't been updating the website.
By the way, you should use the version from our subversion instead of the stable, lots of things have changed.

For those on IRC, we finally got a cloak for the project. And it is not limited to the developpers of Aircrack-ng. So if you help others on a regular basis (in IRC or the forum) or if you did a significant contribution to the project (important fix or change), contact me to get yours

The server hosting Trac and Forum has been completely replaced (with the exception of the hard disk) and it now works fine. You can read more in the blog.

19 May 2010

More details about trac and forum down

The server hosting trac and forum is still down but it will be up soon. You can read the whole story in the blog.

18 May 2010

Trac and Forum down

The server hosting Trac and Forum is currently down. You can already get some information about it on Twitter and I'll give more details tomorrow. Sounds like migration will happen earlier than expected ;).

Aircrack-ng 1.1 is now released. A lot of bug fixes (including the buffer overflow in different tools) and improvements have been done. The most noticeable changes are the addition of airdrop-ng by TheX1le and the interaction in airodump-ng.

Aircrack-ng was aquired by the BackTrack Team. You can read more on Backtrack and on my blog.

21 March 2010

Mailing list and monthly newsletter

The poll and the enthusiasm of the posters in the forum convinced me and I created the monthly newsletter mailing list. I also took the time to create a public mailing list. You can read more in this blog post.

11 March 2010

Poll: Monthly newsletter

Would you be interested in getting the Monthly news in your email inbox too? If you're interested, vote or leave a comment in this forum thread or even email me.

After 1 week of downtime due to a DoS, the website is now up. Thanks to everybody who helped. I also would like to recommend to the author of that DoS to read the following post.

2 April 2009

April fool

The news of yesterday was an April fool :)

1 April 2009

Airodump-ng now works with native wireless driver on Windows

Airodump-ng now works with native wireless driver on Windows. More information on the blog. Here is the video.

26 March 2009

Aircrack-ng 1.0rc3 released

Aircrack-ng 1.0rc3 is released. Updating is recommended, there was a lot of bug fixes and improvements.

25 March 2009

Forum up

The forum is finally up. The new URL is forum.aircrack-ng.org. The good news for you is that you can keep all your bookmarks (including RSS feeds) to the old address, they will be redirected automatically to the new one. More details on the blog.

23 March 2009

Nightly tarball and forum down

There are two news items today. The good news is that we now have nightly tarballs (from subversion) at nightly.aircrack-ng.org. The bad news is that the forum database ran out of space and it was stopped (nothing was lost) so it will have to be moved elsewhere (More information on the blog).

18 March 2009

New website creation on-going

We are currently working on a new website, and more precisely on the entry of www.aircrack-ng.org. More information can be found in the forum (news and poll) and in the blog.

14 March 2009

New blog

I just created a new blog for aircrack-ng (better than the previous one :) )

31 January 2009

New version of Slitaz Aircrack-ng

We are pleased to announce the release of the Slitaz Aircrack-ng Distribution which can be run off a CD or USB. The USB version also allows for persistent changes.

22 January 2009

Aircrack-ng 1.0rc2 released

Aircrack-ng 1.0rc2 is released. Updating is recommended, there was a lot of bug fixes and improvements and 2 new tools were added: airdecloak-ng and tkiptun-ng. On Aircrack-ng, WPA bugs should be fixed and speed was greatly improved for computers that supports SSE2. Latest version of Airgraph-ng and Airoscript were included in this release.

27 december 2008

25C3

We are at 25C3 and I took a phone. The phone number is 5500 and it is linked to a real phone number: +49 (0)4615056623 5500.

20 december 2008

Forum online

The forum is back online.

6 december 2008

Trac and forum up

Trac and forum are now up.

5 december 2008

Forum down

The forum is currently down. We are currently working on this issue.

3 december 2008

Airoscript updates

For those who wondered what became airoscript, it is alive. XayOn has been working on it for a few weeks and he just released a new version.

17 November 2008

WPA Workshop at UNAM

I'll give a workshop about WPA at INTROMISÓN (UNAM University in Mexico) next week.

8 November 2008

Attacks on WPA TKIP - get the right information

You can get the right informations about the recent news on WPA by reading this article from ars technica. Here is the paper, Practical attacks against WEP and WPA written by Martin Beck and Erik Tews (it describes advanced attacks on WEP and the first practical attack on WPA).

The start of the Techniques Papers section of the links page contains articles which describe the new WPA/TKIP exploit.

7 November 2008

Tarball of our SVN repository

Here is a tarball. Get the latest version from our subversion repository. It already contains tkiptun-ng and airdecloak-ng.

6 November 2008

Reaction about recent WPA news

I'd like to react to the recent WPA news on slashdot, PCworld, ITworld, cnet and others because they are mixing a lot of information: Martin Beck, a member of the team, is the author of the new tool but not the author of aircrack-ng suite. You can get more information about this new tool here (including installation instructions). More information will be given tomorrow.

6 November 2008

Airdecloak-ng

The tool to filter wep cloaking announced at Defcon 16 is now published (in our subversion repository): airdecloak-ng.

4 November 2008

Aircrack-ng logo contest

Aircrack-ng logo has now more than 2 years, it's getting old and we would like to have a new logo. That's why we are launching a contest. The prize is a t-shirt with the new logo. More information can be found here.

4 November 2008

Brussels workshop - information

Some more information about the workshop: there's no admission fee, you don't have to pay or register to attend it. The workshop will be done in english. Last but not least, it is not only for experts, it's also for beginners. I'll take some hardware, so don't forget to bring your laptop if you want to play with wireless.

27 October 2008

Brussels workshop

I'll give a workshop about aircrack-ng at Brussels the 9 November 2008 at 14h (2pm). It should be done at Okno (Koolmijnenkaai 30/34 Quai aux Charbonnages – 1080 Brussel). Bring your laptop. The address will be confirmed here the day before.

A new VMware virtual machine is available. See this page for more information.

11 October 2007

New buildbot computer

We received a new computer (with 2Gb RAM) to host buildbots; it should be installed tomorrow. It will replace the old server.

8 October 2007

Wildpacket drivers

We receive a lot of e-mails asking if Windows (wilpackets and others) driver will support such chipset or such card. Please stop sending such questions, we do not know because these drivers are closed source and we do not develop them.

1 October 2007

Aircrack-ng beta

A first beta of 1.0 is released. New tools and and a lot of improvements (and bug fixes) were made on this version compared to 0.X.

26 September 2007

Anti-virus detecting Aircrack-ng as a virus

Avast Antivirus (and maybe others) flags aircrack-ng 0.9.1 (windows) as a virus, it's a false positive. I contacted them to fix that issue.

26 September 2007

WinAircrack

I received several mails about WinAircrack but we do not develop it and I have no way to contact the author to forward him the mails.

29 August 2007

New computer cancelled, already sold

The new computer is cancelled, it was already sold.

28 August 2007

New computer for buildbots

I should get the new computer to host VMWares tomorrow. It will be up and running next week.

24 August 2007

24C3

24th Chaos Communication Congress is just announced. We will be there ;)

21 August 2007

Account creating disabled due to wiki vandal

No more account (reading doesn't require an account) creation will be allowed due to a recent vandalism to the wiki.
Account cleanup will be done and only known users will have an account.
If you need to edit the wiki, tell us in IRC or on the forum.

If you create Aircrack-ng packages for one or more distro and you need webspace to store them, send me a mail and I'll give you a FTP account. If you don't need hosting, you can just add here a link to your website.

10 may 2006

Madwifi-ng patch updated

Updated madwifi-ng patch for r1545.

06 may 2006

Transferring wiki docs (update)

Big parts of the old website tinyshell.be are now available at this wiki (thanks to fab).

05 may 2006

Transferring wiki docs

I have to copy the tinyshell.be content to this place but I don’t have so much time at the moment.

04 may 2006

Wiki database destroyed

Old wiki database is completely destroyed (the same for backups :/)

15 april 2006

Website up

The new site is now up, use www.aircrack-ng.org. Edit on tinyshell.be wiki will be disabled and next month all pages will be redirected to the new URL.

8 april 2006

New hosting

I bought a new hosting. The main changes you'll notice is that the wiki will be faster and there will be a mailing-list.

5 april 2006

IRC Bot

As you saw, there's a bot (Bibox) announcing forum post and wiki changes (Thanks to D3vil).

2 april 2006

HostAP injection patch updated

Updated HostAP injection patch (Thanks to Zero_Chaos). See HostAP for more informations.

31 march 2006

Zaurus Build available

As promised, Zaurus build is available (and updated drivers).

30 march 2006

Aircrack-ng 0.3 released

Aircrack-ng 0.3 is released. There's lots of bug fixes and now madwifi-ng is supported (capture and injection). Zaurus build will follow in a few hours.

30 march 2006

IPW2200 injection

You can inject packets with IPW2200 under certain conditions (see IPW2200Inject).

25 march 2006

Bookmark www.aircrack-ng.org

tinyshell.be/aircrackng/wiki is a temporary URL, please bookmark www.aircrack-ng.org, I'll have hosting on this domain mid-april. You can already reach the website with this URL.

23 march 2006

Aircrack-ng 0.3 information

Aircrack-ng (0.3) can now work with both madwifi-ng and madwifi-old. Next week, I'll release it with some other improvement and patches I received.

20 march 2006

Aircrack-ng 0.2.1 released

Aircrack-ng 0.2.1 released (Linux and windows versions availables, other builds will follow).

20 march 2006

Madwifi-ng

madwifi-ng driver doesn't work very well atm. I plan to work it in a few releases.